|
|
|
Modern Operating Systems by Herbert Bos and Andrew S. Tanenb...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf
Showing 671 out of 1137
Modern Operating Systems by Herbert Bos and Andrew...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Modern Operating Systems by Herbert...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Page 671
640
SECURITY
CHAP. 9
Although every exploit involves a specific bug in a specific program, there are
several general categories of bugs that occur over and over and are worth studying
to see how attacks work. In the following sections we will examine not only a
number of these methods, but also countermeasures to stop them, and counter
countermeasures to evade these measures, and even some counter counter count-
ermeasures to counter these tricks, and so on. It will give you a good idea of the
arms race between attackers and defenders—and what it is like to go jogging with
the Red Queen.
We will start our discussion with the venerable buffer overflow, one of the
most important exploitation techniques in the history of computer security. It was
already used in the very first Internet worm, written by Robert Morris Jr. in 1988,
and it is still widely used today. Despite all counter measures, researchers predict
that buffer overflows will be with us for quite some time yet (Van der Veen, 2012).
Buffer overflows are ideally suited for introducing three of the most important pro-
tection mechanisms available in most modern systems: stack canaries, data execu-
tion protection, and address-space layout randomization. After that, we will look at
other exploitation techniques, like format string attacks, integer overflows, and
dangling pointer exploits. So, get ready and put your black hat on!
9.7.1 Buffer Overflow Attacks
One rich source of attacks has been due to the fact that virtually all operating
systems and most systems programs are written in the C or C++ programming lan-
guages (because programmers like them and they can be compiled to extremely ef-
ficient object code). Unfortunately, no C or C++ compiler does array bounds
checking. As an example, the C library function
gets
, which reads a string (of
unknown size) into a fixed-size buffer, but without checking for overflow, is notori-
ous for being subject to this kind of attack (some compilers even detect the use of
gets
and warn about it). Consequently, the following code sequence is also not
checked:
01. void A( ) {
02.
char B[128];
/* reserve a buffer with space for 128 bytes on the stack */
03.
printf ("Type log message:");
04.
gets (B);
/* read log message from standard input into buffer */
05.
writeLog (B);
/* output the string in a pretty format to the log file */
06. }
Function
A
represents a logging procedure—somewhat simplified. Every time
the function executes, it invites the user to type in a log message and then reads
whatever the user types in the buffer
B
, using the
gets
from the C library. Finally, it
calls the (homegrown)
writeLog
function that presumably writes out the log entry
in an attractive format (perhaps adding a date and time to the log message to make
Ace your assessments! Get Better Grades
Browse thousands of Study Materials & Solutions from your Favorite Schools
Concordia University
Concordia_University
School:
Operating_Systems
Course:
Great resource for chem class. Had all the past labs and assignments
Leland P.
Santa Clara University
Introducing Study Plan
Using AI Tools to Help you understand and remember your course concepts better and faster than any other resource.
Find the best videos to learn every concept in that course from Youtube and Tiktok without searching.
Save All Relavent Videos & Materials and access anytime and anywhere
Prepare Smart and Guarantee better grades
Know more
Students also viewed documents
lab 18.docx
lab_18.docx
Course
Course
3
Module5QuizSTA2023.d...
Module5QuizSTA2023.docx.docx
Course
Course
10
Week 7 Test Math302....
Week_7_Test_Math302.docx.docx
Course
Course
30
Chapter 1 Assigment ...
Chapter_1_Assigment_Questions.docx.docx
Course
Course
5
Week 4 tests.docx.do...
Week_4_tests.docx.docx
Course
Course
23
Week 6 tests.docx.do...
Week_6_tests.docx.docx
Course
Course
106
